Consultant

We are a small, young, cyber security consultancy that welcomes challenge and values different perspectives. We’re not afraid to do things differently and our clients appreciate us for that.

We typically work with senior clients — like CIOs, CTOs, CISOs, plus CEOs and NEDs — over longer periods to deliver real and measurable outcomes, rather than one-off deliverables.

We work collaboratively and securely in the open with our clients using tools to automate tasks, track progress and responsibility, and share our findings. This is how we like to work.

We work on interesting engagements where security meets ‘the business’ to better understand, communicate and manage cyber risk. That may involve helping to identify the sources of risk to an organisation, how frequently they face different types of risk events, and quantifying the consequences of these to their operations. It may be producing a light-touch Cyber Scorecard or taking a deeper dive assessment into their security posture. We also help boards and leadership teams explore risk scenarios through cyber exercises (or ‘war games’).

We believe in making the world a better place and do that through two specific programmes. Through Cydea x Good Causes you can expect to spend time supporting good causes on a pro-bono basis or helping them with grants to purchase security solutions. You’ll also be expected to contribute to open-source projects through cydea.tools that provides any organisation with free tools to improve their security posture.

We’re a remote-first business so you’ll spend less time commuting and more time doing things that matter (client work, or perhaps doing the school run). That doesn’t mean you’ll be alone: we use collaboration tools to keep in touch day-to-day and have monthly Team Days in different locations to get together, celebrate successes and plan for the future. Often our clients drop by to share what they’re up to and the problems they’re facing.

We want you to succeed and will invest in your development through formal courses, online learning, career mentorship, on-the-job training and regular feedback. We budget for everyone to go on a training course every year and expect you to share what you’re learning. Every week we talk about what we’ve achieved, learned and reflect on a problem we’ll need to solve soon.

This is a UK-based, primarily work from home role, with some travel required to meetings and clients.

Who we are looking for

We’re looking for someone to join our team as a cyber risk consultant. They’ll have an inquisitive mind and want to improve the world around them. This will come across on a day to day basis as they work to understand our clients’ business and help them to make better decisions that improves their cyber security posture. They will have the ability to communicate clearly and concisely in both written and verbal form, and will have the confidence to question and challenge the status quo.

We don’t expect them to have loads of cyber certifications; though they will have a couple of years of experience, and we do need them to demonstrate an aptitude for consulting and a willingness to learn on the job.

Does this sound like you? Ok, then read on!

About the role

You’ll be working at the intersection of cyber security and ‘the business’ to assess security postures and conduct cyber risk assessments. Your ability to listen to our clients and ask questions before making an assumption is key. You’ll be working collaboratively with our clients - we share work in progress deliverables with them for feedback as we go - using internally developed methods and processes, industry practices and open-source tools. 

You’ll be working with senior business leaders, both within the security and IT teams, as well as non-technical teams and board members. You’ll be helping them to identify what needs protecting and prioritising, and understanding what the consequences of risk events are to their operations.

You should be comfortable problem solving by breaking down challenges into small, more manageable parts, and documenting any assumptions or estimates that you make along the way. You may take the lead on carrying out and writing up interviews and workshops, analysing the data we have collected, and looking for patterns and insights to develop recommendations with others in the team.

The role will involve communicating our findings and recommendations in the most effective way possible, focusing on realistic, pragmatic and sustainable solutions that put user needs first and steers away from fear-mongering. This may involve managing exceptions and require you to influence clients and other stakeholders

You may be required to work autonomously and take the lead on completing smaller projects and individual tasks, as well as keeping our clients up to date. Some projects will require travel to client sites. That may be for the odd meeting or workshop, or it may be for multiple days over a few weeks. Most of our clients and meeting locations are in the South East.

Outside of the ‘billable’ client work you’ll also be contributing to our internal tools and processes and open-source projects. You’ll be expected to raise awareness of our services, to help propose new services to clients and (reverse) mentor colleagues. 

Package and benefits

We think that we offer a competitive package, so we’re not afraid to tell you about it upfront.

The salary for this role is £37,000. We also like to look after our people and offer the great benefits listed on our careers page. 

Working at Cydea

We are a small, young, cyber security consultancy that welcomes challenge and values different perspectives. We're not afraid to do things differently and our clients appreciate us for that. We have a passion for developing talent and would love for you to have a long, successful and rewarding career with us.

We believe in making the world a better place and do that through two specific programmes. Through Cydea x Good Causes you can expect to spend time supporting good causes on a pro-bono basis or helping them with grants to purchase security solutions. You'll also be expected to contribute to open-source projects through cydea.tools that provides any organisation with free tools to improve their security posture.

We're a remote-first and flexible business so you'll spend less time commuting and more time doing things that matter (client work, or perhaps doing the school run). That doesn't mean you'll be alone: we use collaboration tools to keep in touch day-to-day and have monthly Team Days in different locations to get together, celebrate successes and plan for the future. Often our clients drop by to share what they're up to and the problems they're facing.

We want you to succeed and your line manager will support and guide you in your assignments, and your career more generally. You will be supervised, but not micromanaged. We will invest in your development through formal courses, online learning, career mentorship, on-the-job training and regular feedback. We budget for everyone to go on a training course every year and expect you to share what you're learning. Every week we talk about what we've achieved, learned and reflect on a problem we'll need to solve soon.

You can find out more about what it's like to work at Cydea on our website: https://cydea.com/careers/

Does that sound good? Apply below!